Users - Intergraph Smart API Manager - 2020 (4.0) - Help

Any user created with the Users feature becomes part of the local users store maintained by Smart API Manager.

A local user is useful for logging into Smart API Manager to perform administrative tasks. For example, the System Administrators group typically contains a local user, created when Smart API Manager is first configured. You likely logged into Smart API Manager for the first time with this user’s credentials (username and password).

While you can add a local user to a group to authorize access to a Smart API, it is preferable to use identities from an external identity provider whenever possible to avoid duplicating credentials for the same user.

You can also map an external identity to a local user, if that configuration is advantageous for your environment.

Role-based access for Smart API Manager users

You can control a user’s access to features in Smart API Manager by assigning the user (via a local user or external identity) to one of three pre-defined groups:

If you review these groups, you will notice that each one is authorized to access Intergraph Smart API Manager: Management API. This Smart API drives Smart API Manager, itself a Smart Client registered as Intergraph Smart API Management Dashboard.

The User Access Level (role) claim controls the role-based access for Smart API Manager. The enumeration claim has the following three claim types and values:

Thus, if you have a user in another group, and you want the user to be able to log into Smart API Manager, you could:

1. Authorize the group to access the Smart API Manager: Management API.

2. Set the required User Access Level claim to the appropriate value, for example, System Administrator, if you wish to give the user full control.

See Give a group access to a Smart API for details.